Preface:#
A password manager is a very useful tool that can help us easily remember usernames and complex, irregular passwords for various websites, and can also generate secure passwords when creating users. Previously, I relied on Chrome's built-in password manager, which is very useful for automatic synchronization, website loading and password filling, password generation, and other basic functions.
But later on, I found that I had registered several different Google accounts for different purposes, and the passwords were not synchronized. It was very inconvenient when I needed to retrieve a password. I had the idea of creating my own Bitwarden a long time ago, but I was too lazy to implement it, and the official recommendation was a 4GB memory server, with a minimum of 2GB server, and I didn't have any free servers at hand.
So I used 1Password for a few months, which costs a few dollars a month. The UI interface of the software is also very nice, but I still feel a little reluctant to spend tens of dollars every month to host my passwords. Fortunately, recently I accidentally bought a 4H4G server with an annual payment, and I regretted it after buying it and couldn't get a refund, so I created my own Bitwarden.
First, let's talk about the differences between the two products for me. 1Password looks good, the UI is very comfortable, and it has all the functions of a password manager. The only thing is that the password filling doesn't make me feel more comfortable than Chrome's native one. Bitwarden's UI is average, and it also has the problem of password filling when loading web pages. Maybe I haven't used the two software for a long time, so they haven't been well adapted.
Installation Tutorial:#
Directly adopt the official Linux standard deployment: https://bitwarden.com/help/install-on-premise-linux/
First, prepare a domain name resolution to the server, and then a server with a minimum of 2GB memory, 4GB is optimal, and the server should be in a clean environment.
Install Docker and Docker-Compose: Docker one-click installation script
- Create the bitwarden user:
sudo adduser bitwarden
- Set a password (strong password) for the bitwarden user:
sudo passwd bitwarden
- Create a docker group (if it does not already exist):
sudo groupadd docker
- Add the bitwarden user to the docker group:
sudo usermod -aG docker bitwarden
- Create the bitwarden directory:
sudo mkdir /opt/bitwarden
- Set the permissions for the /opt/bitwarden directory:
sudo chmod -R 700 /opt/bitwarden
- Set the bitwarden user as the owner of the /opt/bitwarden directory:
sudo chown -R bitwarden:bitwarden /opt/bitwarden
Bitwarden provides a shell script that can be easily installed on Linux and Windows (PowerShell). Follow these steps to install Bitwarden using the shell script:
su bitwarden # Switch to the user first, then execute the following script
curl -Lso bitwarden.sh "https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" && chmod 700 bitwarden.sh
./bitwarden.sh install
Enter your domain name:
[bitwarden@vultr ~]$ ./bitwarden.sh install
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2024, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2024.6.1
Docker version 26.1.4, build 5650f9b
docker-compose version 1.29.2, build 5becea4c
(!) Enter the domain name for your Bitwarden instance (ex. bitwarden.example.com):
Whether to enable SSL:
(!) Do you want to use Let's Encrypt to generate a free SSL certificate? (y/n):
Enter an email address to apply for a certificate:
Enter your email address (Let's Encrypt will send you certificate expiration reminders)
Wait for a dozen seconds to apply for the certificate, and then the following content will appear (enter the database name):
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(!) Enter the database name for your Bitwarden instance (ex. vault):
Get the installation ID and key at https://bitwarden.com/host/:
(!) Enter your installation id (get at https://bitwarden.com/host):
(!) Enter your installation key:
(!) Enter your region (US/EU) [US]:
After completing these operations, you will find that there are still some dots on the screen. After waiting for a dozen seconds, the deployment is half completed. Our overall file is in: /home/bitwarden/bwdata
We can also modify the /home/bitwarden/bwdata/env/global.override.env
file. You can see what some of the specific content means at: https://bitwarden.com/help/install-on-premise-manual/. If you want the background function, you can configure the sending email in this file.
The background is the domain name + admin. You need to enter the administrator's email to log in. It should be the email entered when applying for the ID and key. Then you need to receive an email to log in. The background function seems to only have some functions to view and manage users, and cannot see some passwords of users. I haven't configured the sending email, so I'm not sure about the specific functions.
If you don't understand this file, you can leave it unchanged and then execute: ./bitwarden.sh start
. Wait for the image to be pulled and you can access your domain name. Create an account, log in to the account, and import passwords. Install Bitwarden on your browser or device, and choose self-hosted when logging in.
Bitwarden will automatically back up the database every day, and the main files are in /home/bitwarden/bwdata
. Everyone can back up this directory.
As for how to restore backup files, I haven't tried it yet. You can refer to the official documentation for the specific operations.